Using try-with-resources for AwsCrypto streams

Author: WesleyRosenblum

src/examples/java/com/amazonaws/crypto/examples/EscrowedEncryptExample.java

@@ -14,6 +14,7 @@
 package com.amazonaws.crypto.examples;
 
 import com.amazonaws.encryptionsdk.AwsCrypto;
+import com.amazonaws.encryptionsdk.AwsCrypto.AwsCryptoConfig;
 import com.amazonaws.encryptionsdk.keyrings.Keyring;
 import com.amazonaws.encryptionsdk.keyrings.StandardKeyrings;
 import com.amazonaws.encryptionsdk.kms.KmsClientSupplier;
@@ -107,7 +108,7 @@ private static byte[] standardEncrypt(final String kmsArn, final PublicKey publi
         // 6. Instantiate the AwsCryptoConfig input to AwsCrypto with the keyring
         //    To simplify the code, we omit the encryption context. Production code should always
         //    use an encryption context. For an example, see the other SDK samples.
-        final AwsCrypto.AwsCryptoConfig config = AwsCrypto.AwsCryptoConfig.builder()
+        final AwsCryptoConfig config = AwsCryptoConfig.builder()
                 .keyring(keyring)
                 .build();
 
@@ -133,7 +134,7 @@ private static byte[] standardDecrypt(final String kmsArn, final byte[] cipherTe
         // 4. Instantiate the AwsCryptoConfig input to AwsCrypto with the keyring
         //    To simplify the code, we omit the encryption context. Production code should always
         //    use an encryption context. For an example, see the other SDK samples.
-        final AwsCrypto.AwsCryptoConfig config = AwsCrypto.AwsCryptoConfig.builder()
+        final AwsCryptoConfig config = AwsCryptoConfig.builder()
                 .keyring(kmsKeyring)
                 .build();
 
@@ -155,7 +156,7 @@ private static byte[] escrowDecrypt(final byte[] cipherText, final PublicKey pub
         // 3. Instantiate the AwsCryptoConfig input to AwsCrypto with the keyring
         //    To simplify the code, we omit the encryption context. Production code should always
         //    use an encryption context. For an example, see the other SDK samples.
-        final AwsCrypto.AwsCryptoConfig config = AwsCrypto.AwsCryptoConfig.builder()
+        final AwsCryptoConfig config = AwsCryptoConfig.builder()
                 .keyring(rsaKeyring)
                 .build();
 

src/examples/java/com/amazonaws/crypto/examples/FileStreamingExample.java

@@ -14,6 +14,7 @@
 package com.amazonaws.crypto.examples;
 
 import com.amazonaws.encryptionsdk.AwsCrypto;
+import com.amazonaws.encryptionsdk.AwsCrypto.AwsCryptoConfig;
 import com.amazonaws.encryptionsdk.AwsCryptoInputStream;
 import com.amazonaws.encryptionsdk.keyrings.Keyring;
 import com.amazonaws.encryptionsdk.keyrings.StandardKeyrings;
@@ -49,13 +50,15 @@
 public class FileStreamingExample {
 
     public static void main(String[] args) throws IOException {
-        final String srcFile = args[0];
+        final File srcFile = new File(args[0]);
+        final File encryptedFile = new File(args[1]);
+        final File decryptedFile = new File(args[2]);
 
-        encryptAndDecrypt(srcFile);
+        encryptAndDecrypt(srcFile, encryptedFile, decryptedFile);
 
     }
 
-    static void encryptAndDecrypt(final String srcFile) throws IOException {
+    static void encryptAndDecrypt(final File srcFile, final File encryptedFile, final File decryptedFile) throws IOException {
         // 1. Instantiate the SDK
         final AwsCrypto crypto = new AwsCrypto();
 
@@ -76,46 +79,40 @@ static void encryptAndDecrypt(final String srcFile) throws IOException {
         final Map<String, String> encryptionContext = Collections.singletonMap("Example", "FileStreaming");
 
         // 5. Instantiate the AwsCryptoConfig input to AwsCrypto with the keyring and encryption context
-        final AwsCrypto.AwsCryptoConfig config = AwsCrypto.AwsCryptoConfig.builder()
+        final AwsCryptoConfig config = AwsCryptoConfig.builder()
                 .keyring(keyring)
                 .encryptionContext(encryptionContext)
                 .build();
 
         // 6. Create the encrypting stream. Because the file might be too large to load into memory,
         //    we stream the data, instead of loading it all at once.
-        final AwsCryptoInputStream encryptingStream =
-                crypto.createEncryptingStream(config, new FileInputStream(srcFile));
-
-        // 7. Copy the encrypted data into a file.
-        final File encryptedFile = new File(srcFile + ".encrypted");
-        try (FileOutputStream out = new FileOutputStream(encryptedFile)) {
-            IOUtils.copy(encryptingStream, out);
-            encryptingStream.close();
+        try (final AwsCryptoInputStream encryptingStream =
+                crypto.createEncryptingStream(config, new FileInputStream(srcFile))) {
+
+            // 7. Copy the encrypted data into the encrypted file.
+            try (FileOutputStream out = new FileOutputStream(encryptedFile)) {
+                IOUtils.copy(encryptingStream, out);
+            }
         }
 
         // 8. Create the decrypting stream.
-        final AwsCryptoInputStream decryptingStream =
-                crypto.createDecryptingStream(config, new FileInputStream(encryptedFile));
+        try(final AwsCryptoInputStream decryptingStream =
+                crypto.createDecryptingStream(config, new FileInputStream(encryptedFile))) {
 
-        // 9. Verify that the encryption context in the result contains the
-        //    encryption context supplied to the createEncryptingStream method.
-        if (!"FileStreaming".equals(decryptingStream.getAwsCryptoResult().getEncryptionContext().get("Example"))) {
-            throw new IllegalStateException("Bad encryption context");
-        }
+            // 9. Verify that the encryption context in the result contains the
+            //    encryption context supplied to the createEncryptingStream method.
+            if (!"FileStreaming".equals(decryptingStream.getAwsCryptoResult().getEncryptionContext().get("Example"))) {
+                throw new IllegalStateException("Bad encryption context");
+            }
 
-        // 10. Copy the plaintext data to a file
-        final File decryptedFile = new File(srcFile + ".decrypted");
-        try (FileOutputStream out = new FileOutputStream(decryptedFile)) {
-            IOUtils.copy(decryptingStream, out);
-            decryptingStream.close();
+            // 10. Copy the plaintext data to a file
+            try (FileOutputStream out = new FileOutputStream(decryptedFile)) {
+                IOUtils.copy(decryptingStream, out);
+            }
         }
 
         // 11. Compare the decrypted file to the original
-        compareFiles(decryptedFile, new File(srcFile));
-
-        // 12. Clean up the encrypted and decrypted files
-        encryptedFile.delete();
-        decryptedFile.delete();
+        compareFiles(decryptedFile, srcFile);
     }
 
     /**

src/test/java/com/amazonaws/crypto/examples/FileStreamingExampleTest.java

@@ -26,7 +26,11 @@ class FileStreamingExampleTest {
     @Test
     void testEncryptAndDecrypt() throws IOException {
         final File tempFile = File.createTempFile("FileStreamingExampleTest-TempTestData", ".tmp");
+        final File encryptedFile = new File(tempFile.getPath()  + ".encrypted");
+        final File decryptedFile = new File(tempFile.getPath() + ".decrypted");
         tempFile.deleteOnExit();
+        encryptedFile.deleteOnExit();
+        decryptedFile.deleteOnExit();
 
         try(BufferedWriter writer = Files.newBufferedWriter(tempFile.toPath())) {
             for(int i = 0; i < 1000 ; i++) {
@@ -35,6 +39,6 @@ void testEncryptAndDecrypt() throws IOException {
             }
         }
 
-        FileStreamingExample.encryptAndDecrypt(tempFile.getPath());
+        FileStreamingExample.encryptAndDecrypt(tempFile, encryptedFile, decryptedFile);
     }
 }